Description
Coppermine Photo Gallery (CPG) 1.5.12 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by include/inspekt.php and certain other files.
Remediation
References
Related Vulnerabilities
WordPress Plugin Wonder Video Embed Cross-Site Scripting (1.7)
WordPress Plugin Mz-jajak 'id' Parameter SQL Injection (2.1)
WordPress Plugin Taxonomy Images Multiple Unspecified Vulnerabilities (0.6)
WordPress Plugin Alert Before Your Post Cross-Site Scripting (0.1.1)
WordPress Plugin Affiliates Manager Unspecified Vulnerability (2.7.7)